A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : The WS resource record: dispersing trust in the DNSSEC root keys
Author : Tony Finch
Filename : draft-fanf-dnsop-trust-anchor-witnesses-00.txt
Pages : 11
Date : 2014-02-13
Abstract:
At the moment the root DNSSEC key is a single point of trust and a
single point of failure for the whole system. This memo describes a
mechanism for dispersing trust in the root key. Witnesses vouch for
the root trust anchor by publishing WS records in the DNS.
Validators only update their root trust anchors if multiple witnesses
agree. The root-witnesses.arpa zone enables a validator to bootstrap
trust when it has no working trust anchors other than its witnesses.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-fanf-dnsop-trust-anchor-witnesses/
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-fanf-dnsop-trust-anchor-witnesses-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
